Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.01.2013, 17:37   #1
conbi
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Hallo Trojaner Board

Bei mir hat Kaspersky Internet Security heute o.g. Trojaner gefunden, kann den aber nicht reparieren.
Im detaillierten Bericht wird auf die Datei unter dem Pfad C:\dokumente und einstellungen\***\lokale einstellungen\temp\jar_cache2773876738019185789.tmp hingewiesen.

Unter dem selben Pfad (temp-Folder) habe ich auch eine ähnliche Datei mit dem Namen jar_cache1283533027666644075.tmp (03.05.2010) gefunden, die aber von Kaspersky übergangen wird.

User "balu123456" hat vor einer Woche den Thread "Trojaner HEUR:Exploit.Java.CVE-2012-0507.gen und HEUR:Exploit.Java.Generic" eröffnet, und ich denke, wir haben ein ähnliches Problem. Habe aber bisher keine Maßnahmen ergriffen, da ich nicht sicher bin, ob ich mit den gleichen Mitteln weiterkomme.

Ich bin eine technische Niete, also bitte seht es mir nach, wenn ich etwas vergessen oder ungenaue Angaben gemacht habe.

Vielen Dank für Eure Hilfe!!

Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:10:08, on 20.01.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ANIWConnService.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Programme\Aladdin\eToken\PKIClient\x32\eTSrv.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Programme\D-Link\DWA-125 revA\AirGCFG.exe
C:\Programme\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe
C:\Programme\Ask.com\Updater\Updater.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
C:\Programme\Citrix\GoToMeeting\880\g2mstart.exe
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Citrix\GoToMeeting\880\g2mcomm.exe
C:\Programme\Citrix\GoToMeeting\880\g2mlauncher.exe
C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.gmx.net/home
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.sbb.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer bereitgestellt von GMX
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless 150 USB Adapter DWA-125] C:\Programme\D-Link\DWA-125 revA\AirGCFG.exe
O4 - HKLM\..\Run: [eTMonitor] "C:\Programme\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Programme\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [GoToMeeting] "C:\Programme\Citrix\GoToMeeting\880\g2mstart.exe" "/Trigger RunAtLogon"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - h**p://zone.msn.com/bingame/zuma/default/popcaploader_v6.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: ETOKSRV (eTSrv) - Aladdin Knowledge Systems, Ltd. - C:\Programme\Aladdin\eToken\PKIClient\x32\eTSrv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programme\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 12914 bytes
         

Alt 21.01.2013, 11:34   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt





Lesestoff:
Bitte keine Hijackthis-Logfiles posten!!!


Zitat:
Zitat von Larusso Beitrag anzeigen
Uns ist klar, dass HijackThis wahrscheinlich eines der bekanntesten Analysetools ist.
Jedoch scannt es nur noch sehr oberflächlich und gibt uns für eine genaue Analyse eures Systems zu wenig Informationen.

Darum, bitte keine HijackThis Logfiles posten, sondern folgendes lesen und abarbeiten.

http://www.trojaner-board.de/69886-a...-beachten.html

Nur mit diesen Informationen können wir euch helfen.

Danke



Zitat:
Bei mir hat Kaspersky Internet Security heute o.g. Trojaner gefunden, kann den aber nicht reparieren.
Im detaillierten Bericht wird auf die Datei unter dem Pfad C:\dokumente und einstellungen\***\lokale einstellungen\temp\jar_cache2773876738019185789.tmp hingewiesen.
Schön und wo sind die Logs dazu?

Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner siehe http://www.trojaner-board.de/125889-...tml#post941520


Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________

__________________

Alt 23.01.2013, 22:11   #3
conbi
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Hi Cosinus,

Danke für deine Antwort und sorry, dass ich keine brauchbaren Angaben gemacht hab.

defogger und otl versteh ich. Gmer-Scan läuft grad auf dem betroffenen PC: in Eurer Anleitung steht: "show all muss abgehakt sein" - bedeutet das, der Haken soll gesetzt sein oder eben nicht?

Log in Kaspersky 2013 finde ich nicht. Im Quarantäne-Ordner wurde nichts abgelegt)

Danke für Aufklärung und Hilfe!
conbi
__________________

Alt 24.01.2013, 08:58   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Zu GMER gibt es doch eine ausführliche Anleitung! => http://www.trojaner-board.de/74908-a...t-scanner.html
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 25.01.2013, 21:26   #5
conbi
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Hi Cosinus,

Danke, mit Bildanleitung hats dann auch bei mir funktioniert...

Here we go!

defogger_disable:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:24 on 23/01/2013 (***)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

OTL:
Code:
ATTFilter
OTL logfile created on: 23.01.2013 22:25:27 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3.25 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 74.76% Memory free
5.08 Gb Paging File | 4.21 Gb Available in Paging File | 82.81% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78.13 Gb Total Space | 34.89 Gb Free Space | 44.65% Space Free | Partition Type: NTFS
Drive D: | 387.62 Gb Total Space | 387.55 Gb Free Space | 99.98% Space Free | Partition Type: NTFS
 
Computer Name: DIGITEC-*** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.23 22:21:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
PRC - [2012.11.15 19:37:41 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
PRC - [2012.10.09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
PRC - [2012.07.30 14:02:22 | 000,640,480 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2012.06.12 21:34:18 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Programme\Citrix\GoToMeeting\880\g2mstart.exe
PRC - [2012.06.12 21:34:18 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Programme\Citrix\GoToMeeting\880\g2mlauncher.exe
PRC - [2012.06.12 21:34:18 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Programme\Citrix\GoToMeeting\880\g2mcomm.exe
PRC - [2012.06.06 20:33:42 | 001,564,872 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2009.12.31 10:17:32 | 000,230,752 | ---- | M] (Aladdin Knowledge Systems, Ltd.) -- C:\Programme\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe
PRC - [2009.12.31 10:17:24 | 000,012,640 | ---- | M] (Aladdin Knowledge Systems, Ltd.) -- C:\Programme\Aladdin\eToken\PKIClient\x32\eTSrv.exe
PRC - [2009.07.20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe
PRC - [2009.07.10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2009.05.04 14:46:06 | 001,683,456 | ---- | M] (D-Link Corp.) -- C:\Programme\D-Link\DWA-125 revA\AirGCFG.exe
PRC - [2009.02.26 12:46:40 | 000,147,456 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe
PRC - [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.01.19 10:49:04 | 000,049,152 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.12.05 06:09:19 | 001,310,136 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
MOD - [2012.08.17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
MOD - [2009.07.20 12:27:14 | 000,017,936 | ---- | M] () -- C:\Programme\Logitech\SetPoint\khalwrapper.dll
MOD - [2009.03.05 10:12:08 | 000,258,048 | ---- | M] () -- C:\WINDOWS\system32\wlanapp.dll
MOD - [2009.02.27 15:41:25 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2009.02.27 15:39:29 | 000,019,968 | ---- | M] () -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
MOD - [2009.02.27 15:32:27 | 000,020,480 | ---- | M] () -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
MOD - [2009.02.26 12:46:40 | 000,147,456 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe
MOD - [2009.02.09 17:26:10 | 000,315,392 | ---- | M] () -- C:\WINDOWS\system32\ANIOApi.dll
MOD - [2009.02.09 17:26:10 | 000,315,392 | ---- | M] () -- C:\Programme\D-Link\DWA-125 revA\ANIOApi.dll
MOD - [2009.01.18 14:50:01 | 000,417,792 | ---- | M] () -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\AdobeXMP.dll
MOD - [2008.11.12 14:54:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.03.29 14:11:10 | 000,217,088 | ---- | M] () -- C:\Programme\Aladdin\eToken\PKIClient\x32\QtXml4.dll
MOD - [2007.03.27 19:06:46 | 000,131,072 | R--- | M] () -- C:\Programme\Aladdin\eToken\PKIClient\x32\plugins\imageformats\qjpeg1.dll
MOD - [2007.03.27 19:04:00 | 005,529,600 | R--- | M] () -- C:\Programme\Aladdin\eToken\PKIClient\x32\QtGui4.dll
MOD - [2007.03.27 19:04:00 | 001,466,368 | R--- | M] () -- C:\Programme\Aladdin\eToken\PKIClient\x32\QtCore4.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.01.20 11:54:27 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.11 22:41:18 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.15 19:37:41 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2012.11.12 19:53:07 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\programme\gemeinsame dateien\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.31 10:17:24 | 000,012,640 | ---- | M] (Aladdin Knowledge Systems, Ltd.) [Auto | Running] -- C:\Programme\Aladdin\eToken\PKIClient\x32\eTSrv.exe -- (eTSrv)
SRV - [2009.07.20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.03.26 19:26:36 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.02.26 12:46:40 | 000,147,456 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ANIWConnService.exe -- (ANIWConnService)
SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2007.01.19 10:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.11.15 19:37:53 | 000,043,608 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kltdi.sys -- (kltdi)
DRV - [2012.11.15 19:37:53 | 000,024,920 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2012.11.15 19:37:52 | 000,586,584 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2012.11.15 19:37:52 | 000,024,408 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2012.08.13 16:49:44 | 000,144,344 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kneps.sys -- (kneps)
DRV - [2012.06.27 14:09:08 | 000,035,672 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2012.06.19 17:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (KL1)
DRV - [2010.01.25 14:56:26 | 000,115,712 | ---- | M] (HID Global Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cxbu0wdm.sys -- (cxbu0wdm)
DRV - [2009.10.14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009.06.17 17:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009.06.17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.06.17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.04.15 13:32:36 | 000,715,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009.02.09 17:10:04 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2008.07.29 16:40:04 | 000,048,296 | ---- | M] (Aladdin Knowledge Systems, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aksifdh.sys -- (AKSIFDH)
DRV - [2008.07.29 16:40:04 | 000,034,472 | ---- | M] (Aladdin Knowledge Systems, Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aksup.sys -- (AKSUP)
DRV - [2008.06.25 17:47:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008.06.23 23:21:48 | 000,150,568 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mv61xx.sys -- (mv61xx)
DRV - [2008.05.20 10:53:00 | 004,800,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004.08.13 11:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/home
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://go.gmx.net/tab2 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sbb.ch/
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {757DF406-D25E-47AF-947B-534433A4561E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{2BBC3B9D-4AF9-43C2-8AEE-115CE3E12E1A}: "URL" = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
IE - HKCU\..\SearchScopes\{5DDA8725-6C36-4A97-BC85-8376C711A279}: "URL" = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
IE - HKCU\..\SearchScopes\{682007AC-9012-4599-967B-F9F51B28E65E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCH&apn_uid=46B4C26C-E671-45D8-961B-79739A2F0783&apn_sauid=49F60355-AF76-4B92-985F-DB670D90154B
IE - HKCU\..\SearchScopes\{757DF406-D25E-47AF-947B-534433A4561E}: "URL" = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;127.0.0.1:9421;
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..extensions.enabledAddons: %7B2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9%7D:2.3.4
FF - prefs.js..extensions.enabledAddons: %7B75CEEE46-9B64-46f8-94BF-54012DE155F0%7D:0.4.10
FF - prefs.js..extensions.enabledAddons: %7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.2
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.3.1
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.7.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {75CEEE46-9B64-46f8-94BF-54012DE155F0}:0.4.10
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: virtualKeyboard@kaspersky.ru:12.0.0.470
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:12.0.0.470
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:12.0.0.470
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=46B4C26C-E671-45D8-961B-79739A2F0783&apn_ptnrs=9M&apn_sauid=49F60355-AF76-4B92-985F-DB670D90154B&apn_dtid=OSJ000&&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Programme\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\url_advisor@kaspersky.com: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012.12.22 14:17:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtual_keyboard@kaspersky.com: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012.12.22 14:17:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\content_blocker@kaspersky.com: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012.12.22 14:17:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\anti_banner@kaspersky.com: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012.12.22 14:17:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\online_banking@kaspersky.com: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012.12.22 14:17:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.01.20 11:54:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.01.20 11:54:00 | 000,000,000 | ---D | M]
 
[2009.03.15 12:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2012.12.14 06:01:43 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\sgymwk4t.default\extensions
[2012.10.24 15:52:46 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\sgymwk4t.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2011.10.16 13:26:22 | 000,000,000 | ---D | M] (MeasureIt) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\sgymwk4t.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}
[2012.12.14 06:01:43 | 002,151,598 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\sgymwk4t.default\extensions\firebug@software.joehewitt.com.xpi
[2012.09.06 14:09:02 | 001,268,546 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\sgymwk4t.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2012.07.22 11:06:42 | 000,002,299 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\sgymwk4t.default\searchplugins\askcom.xml
[2013.01.20 11:53:50 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.01.20 11:53:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.01.20 11:53:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.01.20 11:53:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.01.20 11:53:47 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
[2013.01.20 11:53:48 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2013.01.20 11:54:30 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.09.11 09:03:53 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.11 09:03:53 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.09.11 09:03:53 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.11 09:03:53 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.11 09:03:53 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.11 09:03:53 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin/npUrlAdvisor.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Virtuelle Tastatur = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
 
O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [D-Link D-Link Wireless 150 USB Adapter DWA-125] C:\Programme\D-Link\DWA-125 revA\AirGCFG.exe (D-Link Corp.)
O4 - HKLM..\Run: [eTMonitor] C:\Programme\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe (Aladdin Knowledge Systems, Ltd.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [GoToMeeting] C:\Programme\Citrix\GoToMeeting\880\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_19-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} hxxp://zone.msn.com/bingame/zuma/default/popcaploader_v6.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.230.55.96 212.98.37.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B954F35-D852-4826-8AFC-EA782343BE30}: DhcpNameServer = 194.230.55.96 212.98.37.130
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.16 18:29:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4b79e030-1e7c-11de-9024-002354325a8b}\Shell - "" = AutoRun
O33 - MountPoints2\{4b79e030-1e7c-11de-9024-002354325a8b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4b79e030-1e7c-11de-9024-002354325a8b}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.23 22:21:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2013.01.21 21:50:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\ablegen
[2013.01.21 21:49:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\trojaner
[2013.01.20 18:05:43 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2013.01.20 18:05:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\HiJackThis
[2013.01.20 11:53:41 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2011.03.26 14:25:48 | 001,228,360 | ---- | C] (Adobe Systems Incorporated) -- C:\Programme\InDesign_7_LS4.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.23 22:26:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013.01.23 22:24:00 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2013.01.23 22:22:47 | 000,365,568 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\gmer-2.0.18444.exe
[2013.01.23 22:21:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2013.01.23 22:20:37 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Defogger.exe
[2013.01.23 22:09:00 | 000,001,112 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.23 21:41:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.01.23 21:06:57 | 000,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{5B954F35-D852-4826-8AFC-EA782343BE30}
[2013.01.23 21:06:47 | 000,000,018 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{5B954F35-D852-4826-8AFC-EA782343BE30}
[2013.01.23 21:06:39 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2013.01.23 21:06:35 | 000,203,188 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.01.23 21:06:32 | 000,001,108 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.23 21:06:31 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.23 21:06:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.20 18:05:43 | 000,002,008 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\HiJackThis.lnk
[2013.01.18 13:12:32 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2013.01.11 22:45:32 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.23 22:24:00 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2013.01.23 22:23:00 | 000,365,568 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\gmer-2.0.18444.exe
[2013.01.23 22:20:55 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Defogger.exe
[2013.01.20 18:05:43 | 000,002,008 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\HiJackThis.lnk
[2012.06.12 21:33:20 | 000,060,304 | ---- | C] () -- C:\Dokumente und Einstellungen\***\g2mdlhlpx.exe
[2012.02.15 20:43:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.10.16 12:49:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ANIWConnService.exe
[2011.10.16 12:49:00 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\wlanapp.dll
[2011.10.16 12:49:00 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\aIPH.dll
[2011.10.16 12:49:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AQCKGen.dll
[2011.10.16 12:49:00 | 000,045,115 | ---- | C] () -- C:\WINDOWS\System32\ANICtl.dll
[2011.10.16 12:48:59 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2011.10.16 12:48:45 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\ANIOApi.dll
[2011.10.16 12:48:45 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\ANIO64.sys
[2011.10.16 12:48:45 | 000,029,411 | ---- | C] () -- C:\WINDOWS\System32\ANIO.sys
[2011.10.16 12:48:41 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\ANIWPS.exe
[2011.10.16 12:48:39 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\ANIOWPS.dll
[2011.03.26 14:56:18 | 000,389,763 | ---- | C] () -- C:\Programme\Viktig om InDesign CS5.pdf
[2011.03.26 14:56:18 | 000,386,221 | ---- | C] () -- C:\Programme\Vigtigt-fil til InDesign CS5.pdf
[2011.03.26 14:56:18 | 000,383,217 | ---- | C] () -- C:\Programme\InDesign CS5 - Lueminut.pdf
[2011.03.26 14:56:18 | 000,376,190 | ---- | C] () -- C:\Programme\Viktigt om InDesign CS5.pdf
[2011.03.26 14:56:18 | 000,093,402 | ---- | C] () -- C:\Programme\Leia-me do InDesign CS5.pdf
[2011.03.26 14:56:18 | 000,076,722 | ---- | C] () -- C:\Programme\InDesign CS5 — Lisez-moi.pdf
[2011.03.26 14:56:18 | 000,073,314 | ---- | C] () -- C:\Programme\InDesign CS5 - Bitte lesen.pdf
[2011.03.26 14:56:18 | 000,069,171 | ---- | C] () -- C:\Programme\Léame de InDesign CS5.pdf
[2011.03.26 14:56:18 | 000,067,694 | ---- | C] () -- C:\Programme\Leggimi di InDesign CS5.pdf
[2011.03.26 14:56:18 | 000,064,495 | ---- | C] () -- C:\Programme\Lees mij voor InDesign CS5.pdf
[2011.03.26 14:25:49 | 970,396,551 | ---- | C] () -- C:\Programme\InDesign_7_LS4.7z
[2010.05.16 19:30:51 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2009.10.01 09:06:27 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\setup_ldm.iss
[2009.04.01 06:17:20 | 000,019,968 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.12.22 06:07:57 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.07.22 10:56:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ask
[2011.11.27 15:40:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bernina820
[2010.01.31 17:05:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IEConfiguration1und1
[2009.08.02 15:45:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap
[2011.03.26 15:26:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2009.06.06 13:20:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2010.01.31 17:06:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{4982A2B2-A1A9-4911-9CE4-2B4981000AF7}
[2009.12.29 10:49:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\com.adobe.ExMan
[2009.09.29 15:29:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\com.snippely.6E4C758165F11BBEC90F106AA88CF53EB51547B1.1
[2009.07.01 04:55:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\EPSON
[2012.09.06 21:30:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FileZilla
[2010.11.14 22:33:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\LLB
[2009.03.15 12:23:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Opera
[2009.04.11 18:33:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\TeamViewer
 
========== Purity Check ==========
 
 

< End of report >
         

Extras:
Code:
ATTFilter
OTL Extras logfile created on: 23.01.2013 22:25:27 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3.25 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 74.76% Memory free
5.08 Gb Paging File | 4.21 Gb Available in Paging File | 82.81% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78.13 Gb Total Space | 34.89 Gb Free Space | 44.65% Space Free | Partition Type: NTFS
Drive D: | 387.62 Gb Total Space | 387.55 Gb Free Space | 99.98% Space Free | Partition Type: NTFS
 
Computer Name: DIGITEC-*** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1117:TCP" = 1117:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface -- (Akamai Technologies, Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B561CF4-0C7D-4745-AF53-161E24E44F87}" = Adobe CS4 Italian Speech Analysis Models
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1FD653A8-9CFA-4392-B89C-CCDB114DE442}" = Adobe CS4 Spanish Speech Analysis Models
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 37
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{377FD9B9-8377-49B9-A052-17BEFFEEE4A2}" = Adobe Creative Suite 4 Web Premium
"{3909BE71-2D8F-42D2-BA46-3831B60CFD0F}" = eToken PKI Client 5.1 SP1
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47B5BE0B-87DC-8903-743A-4D0A9D5AB22C}" = Snippely
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{48E9A4FB-17C6-4B14-BC9D-D83AF2A4059A}" = Adobe CS4 Korean Speech Analysis Models
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{4D6FB09F-3FFC-4758-A7B0-A74479F3A421}_is1" = BERNINA 820 Simulator V1.1
"{4DDEADA8-25B8-41CB-9989-8F16D50A8E9C}" = OMNIKEY 3x21 PC/SC Driver
"{4F213D2A-B942-4611-AEE5-49F9D42D0A2F}" = Adobe CS4 International English Speech Analysis Models
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EE83279-5FEA-4885-823A-B90C23A72DF0}" = D-Link Wireless 150 USB Adapter DWA-125
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{6347401C-C260-4B30-9816-8F5A1419CC49}" = SafeSign
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142190}" = Java 2 Runtime Environment, SE v1.4.2_19
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AAC4B2B-C3D2-465C-9F2C-B9DCF0D7FDB8}" = Adobe Setup
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7C4EAC-6E38-42E3-85AA-408874A803DE}" = Adobe CS4 German Speech Analysis Models
"{9AACCD0F-2734-4E8C-8C24-2702D4506E93}" = Adobe CS4 French Speech Analysis Models
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2A60894-E3ED-46FE-9A6A-7CF7A87572A0}" = Opera 9.64
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_952" = Adobe Acrobat 9.5.2 - CPSID_83708
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B35FDD04-48FD-4D3D-B0EB-088C5137CD42}" = Adobe CS4 Japanese Speech Analysis Models
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}" = EPSON Easy Photo Print
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9766AC1-1461-1033-B862-DF8FE1C033BE}" = Adobe InDesign CS5
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_4db064343401efd6449f33f8411c14b" = Adobe Creative Suite 4 Web Premium
"Akamai" = Akamai NetSession Interface Service
"Benutzerhandbuch ESDX5000_CX4900" = Benutzerhandbuch ESDX5000_CX4900
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.snippely.6E4C758165F11BBEC90F106AA88CF53EB51547B1.1" = Snippely
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.2.7.1
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Linthbanking" = Linthbanking
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSNINST" = MSN
"mv61xxDriver" = marvell 61xx
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WinMerge_is1" = WinMerge 2.12.4
"Zattoo4" = Zattoo4 4.0.5
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Akamai" = Akamai NetSession Interface
"GoToMeeting" = GoToMeeting 5.1.0.880
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 30.12.2011 03:16:43 | Computer Name = DIGITEC-*** | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ANIWZCSdS.exe, Version 1.0.3.7034, fehlgeschlagenes
 Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000116f4.
 
[ OSession Events ]
Error - 21.10.2011 12:58:28 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 21.10.2011 13:13:20 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 21.10.2011 13:14:59 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 22.10.2011 06:52:22 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 23.10.2011 10:18:06 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 30.10.2011 00:58:15 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 20.01.2013 11:51:08 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 20.01.2013 11:51:08 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 21.01.2013 16:20:12 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 21.01.2013 16:20:12 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 21.01.2013 16:20:12 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 23.01.2013 16:06:27 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 23.01.2013 16:06:27 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 23.01.2013 16:06:27 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 23.01.2013 16:06:36 | Computer Name = DIGITEC-*** | Source = SideBySide | ID = 16842810
Description = Syntaxfehler in der Manifest- oder Richtliniendatei "C:\Programme\Gemeinsame
 Dateien\Adobe\ARM\1.0\AdobeARM.exe" in Zeile 0.
 
Error - 23.01.2013 16:06:36 | Computer Name = DIGITEC-*** | Source = SideBySide | ID = 16842811
Description = Generate Activation Context ist für C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
 fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.  .
 
 
< End of report >
         

GMER:
Code:
ATTFilter
OTL Extras logfile created on: 23.01.2013 22:25:27 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3.25 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 74.76% Memory free
5.08 Gb Paging File | 4.21 Gb Available in Paging File | 82.81% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78.13 Gb Total Space | 34.89 Gb Free Space | 44.65% Space Free | Partition Type: NTFS
Drive D: | 387.62 Gb Total Space | 387.55 Gb Free Space | 99.98% Space Free | Partition Type: NTFS
 
Computer Name: DIGITEC-*** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1117:TCP" = 1117:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface -- (Akamai Technologies, Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B561CF4-0C7D-4745-AF53-161E24E44F87}" = Adobe CS4 Italian Speech Analysis Models
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1FD653A8-9CFA-4392-B89C-CCDB114DE442}" = Adobe CS4 Spanish Speech Analysis Models
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 37
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{377FD9B9-8377-49B9-A052-17BEFFEEE4A2}" = Adobe Creative Suite 4 Web Premium
"{3909BE71-2D8F-42D2-BA46-3831B60CFD0F}" = eToken PKI Client 5.1 SP1
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47B5BE0B-87DC-8903-743A-4D0A9D5AB22C}" = Snippely
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{48E9A4FB-17C6-4B14-BC9D-D83AF2A4059A}" = Adobe CS4 Korean Speech Analysis Models
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{4D6FB09F-3FFC-4758-A7B0-A74479F3A421}_is1" = BERNINA 820 Simulator V1.1
"{4DDEADA8-25B8-41CB-9989-8F16D50A8E9C}" = OMNIKEY 3x21 PC/SC Driver
"{4F213D2A-B942-4611-AEE5-49F9D42D0A2F}" = Adobe CS4 International English Speech Analysis Models
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EE83279-5FEA-4885-823A-B90C23A72DF0}" = D-Link Wireless 150 USB Adapter DWA-125
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{6347401C-C260-4B30-9816-8F5A1419CC49}" = SafeSign
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142190}" = Java 2 Runtime Environment, SE v1.4.2_19
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AAC4B2B-C3D2-465C-9F2C-B9DCF0D7FDB8}" = Adobe Setup
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7C4EAC-6E38-42E3-85AA-408874A803DE}" = Adobe CS4 German Speech Analysis Models
"{9AACCD0F-2734-4E8C-8C24-2702D4506E93}" = Adobe CS4 French Speech Analysis Models
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2A60894-E3ED-46FE-9A6A-7CF7A87572A0}" = Opera 9.64
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_952" = Adobe Acrobat 9.5.2 - CPSID_83708
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B35FDD04-48FD-4D3D-B0EB-088C5137CD42}" = Adobe CS4 Japanese Speech Analysis Models
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}" = EPSON Easy Photo Print
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9766AC1-1461-1033-B862-DF8FE1C033BE}" = Adobe InDesign CS5
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_4db064343401efd6449f33f8411c14b" = Adobe Creative Suite 4 Web Premium
"Akamai" = Akamai NetSession Interface Service
"Benutzerhandbuch ESDX5000_CX4900" = Benutzerhandbuch ESDX5000_CX4900
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.snippely.6E4C758165F11BBEC90F106AA88CF53EB51547B1.1" = Snippely
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.2.7.1
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Linthbanking" = Linthbanking
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSNINST" = MSN
"mv61xxDriver" = marvell 61xx
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WinMerge_is1" = WinMerge 2.12.4
"Zattoo4" = Zattoo4 4.0.5
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Akamai" = Akamai NetSession Interface
"GoToMeeting" = GoToMeeting 5.1.0.880
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 30.12.2011 03:16:43 | Computer Name = DIGITEC-*** | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ANIWZCSdS.exe, Version 1.0.3.7034, fehlgeschlagenes
 Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000116f4.
 
[ OSession Events ]
Error - 21.10.2011 12:58:28 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 21.10.2011 13:13:20 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 21.10.2011 13:14:59 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 22.10.2011 06:52:22 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 23.10.2011 10:18:06 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 30.10.2011 00:58:15 | Computer Name = DIGITEC-*** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 20.01.2013 11:51:08 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 20.01.2013 11:51:08 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 21.01.2013 16:20:12 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 21.01.2013 16:20:12 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 21.01.2013 16:20:12 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 23.01.2013 16:06:27 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 23.01.2013 16:06:27 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 23.01.2013 16:06:27 | Computer Name = DIGITEC-*** | Source = SCardSvr | ID = 602
Description = Die WDM-Lesertreiberinitialisierung konnte den Leser nicht öffnen:
 Das System kann den angegebenen Pfad nicht finden.
 
Error - 23.01.2013 16:06:36 | Computer Name = DIGITEC-*** | Source = SideBySide | ID = 16842810
Description = Syntaxfehler in der Manifest- oder Richtliniendatei "C:\Programme\Gemeinsame
 Dateien\Adobe\ARM\1.0\AdobeARM.exe" in Zeile 0.
 
Error - 23.01.2013 16:06:36 | Computer Name = DIGITEC-*** | Source = SideBySide | ID = 16842811
Description = Generate Activation Context ist für C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
 fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.  .
 
 
< End of report >
         


Alt 26.01.2013, 20:35   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Zitat:
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Warum bitte eine Professional Edition für Windows? Wer braucht das als Heimanwender?
Ist das rein zufällig ein Büro-/Firmen-PC? Oder ein Uni-Rechner?
__________________
--> HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt

Alt 27.01.2013, 07:36   #7
conbi
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Das hab ich mir damals beim Kauf des PCs wohl von jemandem andrehen lassen. Bestätigt wahrscheinlich noch mehr, das ich eine Niete bin bei allem rund um den PC, was nicht die Anwendung betrifft...
PC steht bei mir daheim. Wird nur privat genutzt von 2 Benutzern. Hab bisher ja immer am WE oder abends gepostet. Wenn es ein Firmen- oder Unirechner wäre, hätte ich mich auch tagsüber mal drum kümmern können.

Alt 27.01.2013, 12:36   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 27.01.2013, 20:54   #9
conbi
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Hallo Cosinus,

Hier die Logs.

aswMBR:
Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-27 21:13:34
-----------------------------
21:13:34.276    OS Version: Windows 5.1.2600 Service Pack 3
21:13:34.276    Number of processors: 2 586 0x170A
21:13:34.276    ComputerName: DIGITEC-***  UserName: 
21:20:09.401    Initialze error C0000034 - driver not loaded
21:21:47.042    AVAST engine defs: 13012700
21:23:14.448    Service scanning
21:23:17.386    Service ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys **LOCKED** 32
21:23:17.401    Service ACPIEC C:\WINDOWS\System32\Drivers\ACPIEC.sys **LOCKED** 32
21:23:17.448    Service adfs C:\WINDOWS\System32\Drivers\adfs.sys **LOCKED** 32
21:23:17.729    Service aec C:\WINDOWS\system32\drivers\aec.sys **LOCKED** 32
21:23:17.776    Service AFD C:\WINDOWS\System32\drivers\afd.sys **LOCKED** 32
21:23:18.104    Service AKSIFDH C:\WINDOWS\system32\DRIVERS\aksifdh.sys **LOCKED** 32
21:23:18.136    Service AKSUP C:\WINDOWS\system32\drivers\aksup.sys **LOCKED** 32
21:23:18.198    Service ANIO C:\WINDOWS\system32\ANIO.SYS **LOCKED** 32
21:23:18.292    Service Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys **LOCKED** 32
21:23:18.323    Service AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys **LOCKED** 32
21:23:18.354    Service atapi C:\WINDOWS\system32\DRIVERS\atapi.sys **LOCKED** 32
21:23:18.386    Service Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys **LOCKED** 32
21:23:18.448    Service audstub C:\WINDOWS\system32\DRIVERS\audstub.sys **LOCKED** 32
21:23:18.542    Service Beep C:\WINDOWS\System32\Drivers\Beep.sys **LOCKED** 32
21:23:18.667    Service cbidf2k C:\WINDOWS\System32\Drivers\cbidf2k.sys **LOCKED** 32
21:23:18.667    Service Cdaudio C:\WINDOWS\System32\Drivers\Cdaudio.sys **LOCKED** 32
21:23:18.729    Service Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys **LOCKED** 32
21:23:18.808    Service cxbu0wdm C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys **LOCKED** 32
21:23:18.917    Service Disk C:\WINDOWS\system32\DRIVERS\disk.sys **LOCKED** 32
21:23:19.011    Service dmboot C:\WINDOWS\System32\drivers\dmboot.sys **LOCKED** 32
21:23:19.026    Service dmio C:\WINDOWS\System32\drivers\dmio.sys **LOCKED** 32
21:23:19.026    Service dmload C:\WINDOWS\System32\drivers\dmload.sys **LOCKED** 32
21:23:19.073    Service DMusic C:\WINDOWS\system32\drivers\DMusic.sys **LOCKED** 32
21:23:19.120    Service drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys **LOCKED** 32
21:23:19.167    Service ENTECH C:\WINDOWS\system32\DRIVERS\ENTECH.sys **LOCKED** 32
21:23:19.433    Service Fdc C:\WINDOWS\System32\Drivers\Fdc.sys **LOCKED** 32
21:23:19.464    Service Fips C:\WINDOWS\System32\Drivers\Fips.sys **LOCKED** 32
21:23:19.542    Service Flpydisk C:\WINDOWS\System32\Drivers\Flpydisk.sys **LOCKED** 32
21:23:19.589    Service Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys **LOCKED** 32
21:23:19.620    Service Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys **LOCKED** 32
21:23:19.745    Service HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys **LOCKED** 32
21:23:19.839    Service hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys **LOCKED** 32
21:23:19.917    Service HTTP C:\WINDOWS\System32\Drivers\HTTP.sys **LOCKED** 32
21:23:19.948    Service i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys **LOCKED** 32
21:23:19.964    Service Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys **LOCKED** 32
21:23:20.229    Service IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys **LOCKED** 32
21:23:20.245    Service intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys **LOCKED** 32
21:23:20.261    Service Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys **LOCKED** 32
21:23:20.292    Service IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys **LOCKED** 32
21:23:20.292    Service IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys **LOCKED** 32
21:23:20.339    Service IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys **LOCKED** 32
21:23:20.370    Service IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys **LOCKED** 32
21:23:20.386    Service IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys **LOCKED** 32
21:23:20.401    Service isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys **LOCKED** 32
21:23:20.526    Service Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys **LOCKED** 32
21:23:20.589    Service kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys **LOCKED** 32
21:23:20.651    Service KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys **LOCKED** 32
21:23:20.667    Service klbg C:\WINDOWS\system32\drivers\klbg.sys **LOCKED** 32
21:23:20.745    Service klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys **LOCKED** 32
21:23:20.776    Service klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys **LOCKED** 32
21:23:20.792    Service klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys **LOCKED** 32
21:23:20.808    Service kltdi C:\WINDOWS\system32\DRIVERS\kltdi.sys **LOCKED** 32
21:23:20.854    Service kmixer C:\WINDOWS\system32\drivers\kmixer.sys **LOCKED** 32
21:23:20.901    Service kneps C:\WINDOWS\system32\DRIVERS\kneps.sys **LOCKED** 32
21:23:20.917    Service KSecDD C:\WINDOWS\System32\Drivers\KSecDD.sys **LOCKED** 32
21:23:20.964    Service L1e C:\WINDOWS\system32\DRIVERS\l1e51x86.sys **LOCKED** 32
21:23:21.151    Service LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys **LOCKED** 32
21:23:21.198    Service LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys **LOCKED** 32
21:23:21.214    Service LUsbFilt C:\WINDOWS\System32\Drivers\LUsbFilt.Sys **LOCKED** 32
21:23:21.261    Service mnmdd C:\WINDOWS\System32\Drivers\mnmdd.sys **LOCKED** 32
21:23:21.308    Service Modem C:\WINDOWS\System32\Drivers\Modem.sys **LOCKED** 32
21:23:21.339    Service Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys **LOCKED** 32
21:23:21.354    Service mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys **LOCKED** 32
21:23:21.370    Service MountMgr C:\WINDOWS\System32\Drivers\MountMgr.sys **LOCKED** 32
21:23:21.604    Service MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys **LOCKED** 32
21:23:21.604    Service MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys **LOCKED** 32
21:23:21.620    Service MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys **LOCKED** 32
21:23:21.636    Service mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys **LOCKED** 32
21:23:21.651    Service MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys **LOCKED** 32
21:23:21.683    Service mv61xx C:\WINDOWS\system32\DRIVERS\mv61xx.sys **LOCKED** 32
21:23:21.745    Service NDIS C:\WINDOWS\System32\Drivers\NDIS.sys **LOCKED** 32
21:23:21.761    Service NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys **LOCKED** 32
21:23:21.792    Service Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys **LOCKED** 32
21:23:21.808    Service NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys **LOCKED** 32
21:23:21.839    Service NDProxy C:\WINDOWS\System32\Drivers\NDProxy.sys **LOCKED** 32
21:23:21.886    Service NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys **LOCKED** 32
21:23:21.995    Service NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys **LOCKED** 32
21:23:22.183    Service Null C:\WINDOWS\System32\Drivers\Null.sys **LOCKED** 32
21:23:22.542    Service nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys **LOCKED** 32
21:23:22.573    Service NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys **LOCKED** 32
21:23:22.589    Service NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys **LOCKED** 32
21:23:22.761    Service ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys **LOCKED** 32
21:23:22.839    Service Parport C:\WINDOWS\System32\Drivers\Parport.sys **LOCKED** 32
21:23:22.854    Service PartMgr C:\WINDOWS\System32\Drivers\PartMgr.sys **LOCKED** 32
21:23:22.870    Service ParVdm C:\WINDOWS\System32\Drivers\ParVdm.sys **LOCKED** 32
21:23:22.886    Service PCI C:\WINDOWS\system32\DRIVERS\pci.sys **LOCKED** 32
21:23:22.886    Service PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys **LOCKED** 32
21:23:22.917    Service Pcmcia C:\WINDOWS\System32\Drivers\Pcmcia.sys **LOCKED** 32
21:23:22.995    Service PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys **LOCKED** 32
21:23:23.011    Service PSched C:\WINDOWS\system32\DRIVERS\psched.sys **LOCKED** 32
21:23:23.026    Service Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys **LOCKED** 32
21:23:23.042    Service RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys **LOCKED** 32
21:23:23.089    Service Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys **LOCKED** 32
21:23:23.136    Service RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys **LOCKED** 32
21:23:23.136    Service Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys **LOCKED** 32
21:23:23.198    Service RDPCDD C:\WINDOWS\System32\DRIVERS\RDPCDD.sys **LOCKED** 32
21:23:23.214    Service rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys **LOCKED** 32
21:23:23.245    Service RDPWD C:\WINDOWS\System32\Drivers\RDPWD.sys **LOCKED** 32
21:23:23.292    Service redbook C:\WINDOWS\system32\DRIVERS\redbook.sys **LOCKED** 32
21:23:23.573    Service rt2870 C:\WINDOWS\system32\DRIVERS\rt2870.sys **LOCKED** 32
21:23:23.667    Service Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys **LOCKED** 32
21:23:23.729    Service Serial C:\WINDOWS\System32\Drivers\Serial.sys **LOCKED** 32
21:23:23.729    Service Sfloppy C:\WINDOWS\System32\Drivers\Sfloppy.sys **LOCKED** 32
21:23:23.964    Service SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS **LOCKED** 32
21:23:23.995    Service splitter C:\WINDOWS\system32\drivers\splitter.sys **LOCKED** 32
21:23:24.214    Service swenum C:\WINDOWS\system32\DRIVERS\swenum.sys **LOCKED** 32
21:23:24.308    Service swmidi C:\WINDOWS\system32\drivers\swmidi.sys **LOCKED** 32
21:23:24.339    Service sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys **LOCKED** 32
21:23:24.464    Service Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys **LOCKED** 32
21:23:24.479    Service TDPIPE C:\WINDOWS\System32\Drivers\TDPIPE.sys **LOCKED** 32
21:23:24.495    Service TDTCP C:\WINDOWS\System32\Drivers\TDTCP.sys **LOCKED** 32
21:23:24.526    Service TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys **LOCKED** 32
21:23:24.761    Service Update C:\WINDOWS\system32\DRIVERS\update.sys **LOCKED** 32
21:23:24.823    Service usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys **LOCKED** 32
21:23:24.854    Service usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys **LOCKED** 32
21:23:24.870    Service usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys **LOCKED** 32
21:23:24.901    Service usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys **LOCKED** 32
21:23:24.917    Service usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys **LOCKED** 32
21:23:24.933    Service usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS **LOCKED** 32
21:23:24.948    Service usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys **LOCKED** 32
21:23:24.995    Service VgaSave C:\WINDOWS\System32\drivers\vga.sys **LOCKED** 32
21:23:25.011    Service VolSnap C:\WINDOWS\System32\Drivers\VolSnap.sys **LOCKED** 32
21:23:25.089    Service Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys **LOCKED** 32
21:23:25.151    Service Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys **LOCKED** 32
21:23:25.183    Service wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys **LOCKED** 32
21:23:26.026    Modules scanning
21:23:26.026    Disk 0 trace - called modules:
21:23:26.026    
21:23:26.339    AVAST engine scan C:\WINDOWS
21:23:43.823    AVAST engine scan C:\WINDOWS\system32
21:24:44.245    AVAST engine scan C:\WINDOWS\system32\drivers
21:24:49.417    AVAST engine scan C:\Dokumente und Einstellungen\***
21:35:29.808    AVAST engine scan C:\Dokumente und Einstellungen\All Users
21:36:30.964    Scan finished successfully
21:42:09.386    The log file has been saved successfully to "C:\Dokumente und Einstellungen\***\Desktop\aswMBR_original_mitName.txt"
         

TDSS-Killer:
Code:
ATTFilter
21:42:48.0292 3240  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:42:48.0464 3240  ============================================================
21:42:48.0464 3240  Current date / time: 2013/01/27 21:42:48.0464
21:42:48.0464 3240  SystemInfo:
21:42:48.0464 3240  
21:42:48.0464 3240  OS Version: 5.1.2600 ServicePack: 3.0
21:42:48.0464 3240  Product type: Workstation
21:42:48.0464 3240  ComputerName: DIGITEC-***
21:42:48.0464 3240  UserName: ***
21:42:48.0464 3240  Windows directory: C:\WINDOWS
21:42:48.0464 3240  System windows directory: C:\WINDOWS
21:42:48.0464 3240  Processor architecture: Intel x86
21:42:48.0464 3240  Number of processors: 2
21:42:48.0464 3240  Page size: 0x1000
21:42:48.0464 3240  Boot type: Normal boot
21:42:48.0464 3240  ============================================================
21:42:53.0917 3240  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:42:53.0948 3240  ============================================================
21:42:53.0948 3240  \Device\Harddisk0\DR0:
21:42:53.0948 3240  MBR partitions:
21:42:53.0948 3240  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9C41AD8
21:42:53.0964 3240  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C41B56, BlocksNum 0x3073F22A
21:42:53.0964 3240  ============================================================
21:42:53.0995 3240  C: <-> \Device\Harddisk0\DR0\Partition1
21:42:54.0026 3240  D: <-> \Device\Harddisk0\DR0\Partition2
21:42:54.0026 3240  ============================================================
21:42:54.0026 3240  Initialize success
21:42:54.0026 3240  ============================================================
21:43:41.0339 3708  ============================================================
21:43:41.0339 3708  Scan started
21:43:41.0339 3708  Mode: Manual; SigCheck; TDLFS; 
21:43:41.0339 3708  ============================================================
21:43:42.0495 3708  ================ Scan system memory ========================
21:43:42.0495 3708  System memory - ok
21:43:42.0495 3708  ================ Scan services =============================
21:43:42.0589 3708  Abiosdsk - ok
21:43:42.0589 3708  abp480n5 - ok
21:43:42.0604 3708  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:43:43.0464 3708  ACPI - ok
21:43:43.0495 3708  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
21:43:43.0573 3708  ACPIEC - ok
21:43:43.0589 3708  [ 6D7F09CD92A9FEF3A8EFCE66231FDD79 ] adfs            C:\WINDOWS\system32\drivers\adfs.sys
21:43:43.0604 3708  adfs - ok
21:43:43.0714 3708  [ 57A3B9A69F14414ACE12AFD6BA701773 ] Adobe Version Cue CS4 C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
21:43:43.0729 3708  Adobe Version Cue CS4 - ok
21:43:43.0776 3708  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:43:43.0792 3708  AdobeFlashPlayerUpdateSvc - ok
21:43:43.0792 3708  adpu160m - ok
21:43:43.0808 3708  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
21:43:43.0886 3708  aec - ok
21:43:43.0901 3708  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
21:43:43.0933 3708  AFD - ok
21:43:43.0933 3708  Aha154x - ok
21:43:43.0933 3708  aic78u2 - ok
21:43:43.0933 3708  aic78xx - ok
21:43:44.0026 3708  [ B9B98E08EC127900025F42462D3D0A66 ] Akamai          c:\programme\gemeinsame dateien\akamai/netsession_win_ce5ba24.dll
21:43:44.0026 3708  Suspicious file (Hidden): c:\programme\gemeinsame dateien\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
21:43:44.0026 3708  Akamai ( HiddenFile.Multi.Generic ) - warning
21:43:44.0026 3708  Akamai - detected HiddenFile.Multi.Generic (1)
21:43:44.0058 3708  [ CABBAE3643304B22269B200248BDBE77 ] AKSIFDH         C:\WINDOWS\system32\DRIVERS\aksifdh.sys
21:43:44.0073 3708  AKSIFDH - ok
21:43:44.0089 3708  [ 6D657B9517F8C8EA55BD306E3C1BCFBC ] AKSUP           C:\WINDOWS\system32\drivers\aksup.sys
21:43:44.0089 3708  AKSUP - ok
21:43:44.0120 3708  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
21:43:44.0167 3708  Alerter - ok
21:43:44.0183 3708  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe
21:43:44.0214 3708  ALG - ok
21:43:44.0229 3708  AliIde - ok
21:43:44.0229 3708  amsint - ok
21:43:44.0245 3708  [ 2953A157A783BFC06F42F99FEFA5EB07 ] ANIO            C:\WINDOWS\system32\ANIO.SYS
21:43:44.0276 3708  ANIO ( UnsignedFile.Multi.Generic ) - warning
21:43:44.0276 3708  ANIO - detected UnsignedFile.Multi.Generic (1)
21:43:44.0276 3708  [ 2D007966BB8A6C89433766E3D682BBEC ] ANIWConnService C:\WINDOWS\system32\ANIWConnService.exe
21:43:44.0276 3708  ANIWConnService ( UnsignedFile.Multi.Generic ) - warning
21:43:44.0276 3708  ANIWConnService - detected UnsignedFile.Multi.Generic (1)
21:43:44.0323 3708  [ AA3D68F26B2A27F660AFC46039B061A4 ] ANIWZCSdService C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
21:43:44.0323 3708  ANIWZCSdService ( UnsignedFile.Multi.Generic ) - warning
21:43:44.0323 3708  ANIWZCSdService - detected UnsignedFile.Multi.Generic (1)
21:43:44.0339 3708  [ D45960BE52C3C610D361977057F98C54 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
21:43:44.0370 3708  AppMgmt - ok
21:43:44.0386 3708  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:43:44.0433 3708  Arp1394 - ok
21:43:44.0448 3708  asc - ok
21:43:44.0448 3708  asc3350p - ok
21:43:44.0448 3708  asc3550 - ok
21:43:44.0464 3708  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:43:44.0526 3708  AsyncMac - ok
21:43:44.0542 3708  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
21:43:44.0604 3708  atapi - ok
21:43:44.0604 3708  Atdisk - ok
21:43:44.0620 3708  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:43:44.0698 3708  Atmarpc - ok
21:43:44.0698 3708  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
21:43:44.0761 3708  AudioSrv - ok
21:43:44.0792 3708  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
21:43:44.0839 3708  audstub - ok
21:43:44.0886 3708  AVP - ok
21:43:44.0901 3708  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:43:44.0979 3708  Beep - ok
21:43:44.0995 3708  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
21:43:45.0073 3708  BITS - ok
21:43:45.0089 3708  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll
21:43:45.0120 3708  Browser - ok
21:43:45.0136 3708  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
21:43:45.0198 3708  cbidf2k - ok
21:43:45.0198 3708  cd20xrnt - ok
21:43:45.0198 3708  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
21:43:45.0261 3708  Cdaudio - ok
21:43:45.0276 3708  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
21:43:45.0323 3708  Cdfs - ok
21:43:45.0354 3708  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:43:45.0417 3708  Cdrom - ok
21:43:45.0417 3708  Changer - ok
21:43:45.0433 3708  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe
21:43:45.0495 3708  CiSvc - ok
21:43:45.0495 3708  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
21:43:45.0558 3708  ClipSrv - ok
21:43:45.0558 3708  CmdIde - ok
21:43:45.0558 3708  COMSysApp - ok
21:43:45.0558 3708  Cpqarray - ok
21:43:45.0558 3708  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
21:43:45.0620 3708  CryptSvc - ok
21:43:45.0636 3708  [ 0A33FAF49AF96D5B220D86AC784D0869 ] cxbu0wdm        C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys
21:43:45.0651 3708  cxbu0wdm - ok
21:43:45.0651 3708  dac2w2k - ok
21:43:45.0651 3708  dac960nt - ok
21:43:45.0683 3708  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:43:45.0714 3708  DcomLaunch - ok
21:43:45.0729 3708  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
21:43:45.0792 3708  Dhcp - ok
21:43:45.0792 3708  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
21:43:45.0854 3708  Disk - ok
21:43:45.0854 3708  dmadmin - ok
21:43:45.0886 3708  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
21:43:45.0948 3708  dmboot - ok
21:43:45.0964 3708  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
21:43:46.0026 3708  dmio - ok
21:43:46.0026 3708  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
21:43:46.0089 3708  dmload - ok
21:43:46.0089 3708  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
21:43:46.0151 3708  dmserver - ok
21:43:46.0183 3708  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
21:43:46.0229 3708  DMusic - ok
21:43:46.0245 3708  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:43:46.0292 3708  Dnscache - ok
21:43:46.0292 3708  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:43:46.0370 3708  Dot3svc - ok
21:43:46.0370 3708  dpti2o - ok
21:43:46.0370 3708  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
21:43:46.0433 3708  drmkaud - ok
21:43:46.0433 3708  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll
21:43:46.0479 3708  EapHost - ok
21:43:46.0511 3708  [ 16EBD8BF1D5090923694CC972C7CE1B4 ] ENTECH          C:\WINDOWS\system32\DRIVERS\ENTECH.sys
21:43:46.0526 3708  ENTECH - ok
21:43:46.0526 3708  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll
21:43:46.0589 3708  ERSvc - ok
21:43:46.0636 3708  [ 01C5FEDCC98721D61A74BC4CF054AFB0 ] eTSrv           C:\Programme\Aladdin\eToken\PKIClient\x32\eTSrv.exe
21:43:46.0651 3708  eTSrv - ok
21:43:46.0683 3708  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
21:43:46.0683 3708  Eventlog - ok
21:43:46.0714 3708  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll
21:43:46.0729 3708  EventSystem - ok
21:43:46.0761 3708  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
21:43:46.0823 3708  Fastfat - ok
21:43:46.0854 3708  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:43:46.0886 3708  FastUserSwitchingCompatibility - ok
21:43:46.0917 3708  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
21:43:46.0964 3708  Fdc - ok
21:43:46.0995 3708  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
21:43:47.0058 3708  Fips - ok
21:43:47.0089 3708  [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:43:47.0120 3708  FLEXnet Licensing Service - ok
21:43:47.0120 3708  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
21:43:47.0183 3708  Flpydisk - ok
21:43:47.0214 3708  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:43:47.0276 3708  FltMgr - ok
21:43:47.0292 3708  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:43:47.0339 3708  Fs_Rec - ok
21:43:47.0354 3708  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:43:47.0401 3708  Ftdisk - ok
21:43:47.0417 3708  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:43:47.0479 3708  Gpc - ok
21:43:47.0526 3708  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe
21:43:47.0526 3708  gupdate - ok
21:43:47.0542 3708  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
21:43:47.0542 3708  gupdatem - ok
21:43:47.0573 3708  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:43:47.0620 3708  HDAudBus - ok
21:43:47.0651 3708  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:43:47.0714 3708  helpsvc - ok
21:43:47.0729 3708  [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ         C:\WINDOWS\System32\hidserv.dll
21:43:47.0792 3708  HidServ - ok
21:43:47.0823 3708  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:43:47.0870 3708  hidusb - ok
21:43:47.0901 3708  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
21:43:47.0964 3708  hkmsvc - ok
21:43:47.0964 3708  hpn - ok
21:43:47.0995 3708  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
21:43:48.0011 3708  HTTP - ok
21:43:48.0026 3708  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
21:43:48.0089 3708  HTTPFilter - ok
21:43:48.0089 3708  i2omgmt - ok
21:43:48.0089 3708  i2omp - ok
21:43:48.0089 3708  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:43:48.0151 3708  i8042prt - ok
21:43:48.0151 3708  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
21:43:48.0214 3708  Imapi - ok
21:43:48.0229 3708  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
21:43:48.0292 3708  ImapiService - ok
21:43:48.0292 3708  ini910u - ok
21:43:48.0386 3708  [ 19AFBB8427CE65042599555E578170DF ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:43:48.0511 3708  IntcAzAudAddService - ok
21:43:48.0511 3708  IntelIde - ok
21:43:48.0526 3708  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:43:48.0589 3708  intelppm - ok
21:43:48.0604 3708  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:43:48.0667 3708  Ip6Fw - ok
21:43:48.0683 3708  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:43:48.0745 3708  IpFilterDriver - ok
21:43:48.0745 3708  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:43:48.0808 3708  IpInIp - ok
21:43:48.0823 3708  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:43:48.0886 3708  IpNat - ok
21:43:48.0901 3708  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:43:48.0964 3708  IPSec - ok
21:43:48.0979 3708  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
21:43:49.0011 3708  IRENUM - ok
21:43:49.0026 3708  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:43:49.0089 3708  isapnp - ok
21:43:49.0151 3708  [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
21:43:49.0167 3708  JavaQuickStarterService - ok
21:43:49.0198 3708  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:43:49.0245 3708  Kbdclass - ok
21:43:49.0245 3708  [ B6D6C117D771C98130497265F26D1882 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:43:49.0323 3708  kbdhid - ok
21:43:49.0339 3708  [ EA26CB00F83686856F2C79673C00C686 ] KL1             C:\WINDOWS\system32\DRIVERS\kl1.sys
21:43:49.0354 3708  KL1 - ok
21:43:49.0370 3708  [ 53EEDAB3F0511321AC3AE8BC968B158C ] klbg            C:\WINDOWS\system32\drivers\klbg.sys
21:43:49.0370 3708  klbg - ok
21:43:49.0401 3708  [ 3D23639C3FDBC082AF7016A5C8829329 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
21:43:49.0417 3708  KLIF - ok
21:43:49.0433 3708  [ 05E5504E5E06F75F18BBEA7291601FE2 ] klim5           C:\WINDOWS\system32\DRIVERS\klim5.sys
21:43:49.0448 3708  klim5 - ok
21:43:49.0464 3708  [ 7BE035A9C20F357DC765D6C7FDCDC964 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
21:43:49.0479 3708  klkbdflt - ok
21:43:49.0479 3708  [ A8234A8F67B0565F74753FE88A7BF03D ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
21:43:49.0495 3708  klmouflt - ok
21:43:49.0511 3708  [ 53C0DF6C5139CB78A631E7AFCD893730 ] kltdi           C:\WINDOWS\system32\DRIVERS\kltdi.sys
21:43:49.0526 3708  kltdi - ok
21:43:49.0542 3708  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
21:43:49.0604 3708  kmixer - ok
21:43:49.0620 3708  [ 71A38C123600172511C26BFABD0EF579 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
21:43:49.0620 3708  kneps - ok
21:43:49.0636 3708  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
21:43:49.0683 3708  KSecDD - ok
21:43:49.0698 3708  [ 93E64BAB9DEE162CA0CA5258D132A047 ] L1e             C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
21:43:49.0745 3708  L1e - ok
21:43:49.0776 3708  [ 2BBDCB79900990F0716DFCB714E72DE7 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
21:43:49.0792 3708  LanmanServer - ok
21:43:49.0823 3708  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:43:49.0854 3708  lanmanworkstation - ok
21:43:49.0854 3708  lbrtfdc - ok
21:43:49.0901 3708  [ 3AF6B73A3AD1FC37C5933441F66CEB91 ] LBTServ         C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe
21:43:49.0917 3708  LBTServ - ok
21:43:49.0933 3708  [ 7F9C7B28CF1C859E1C42619EEA946DC8 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
21:43:49.0948 3708  LHidFilt - ok
21:43:49.0964 3708  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
21:43:50.0042 3708  LmHosts - ok
21:43:50.0042 3708  [ AB33792A87285344F43B5CE23421BAB0 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
21:43:50.0058 3708  LMouFilt - ok
21:43:50.0058 3708  [ 77030525CD86A93F1AF34FA9B96D33CE ] LUsbFilt        C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
21:43:50.0073 3708  LUsbFilt - ok
21:43:50.0089 3708  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
21:43:50.0167 3708  Messenger - ok
21:43:50.0183 3708  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
21:43:50.0245 3708  mnmdd - ok
21:43:50.0261 3708  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
21:43:50.0323 3708  mnmsrvc - ok
21:43:50.0339 3708  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
21:43:50.0417 3708  Modem - ok
21:43:50.0433 3708  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:43:50.0495 3708  Mouclass - ok
21:43:50.0495 3708  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:43:50.0558 3708  mouhid - ok
21:43:50.0573 3708  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
21:43:50.0636 3708  MountMgr - ok
21:43:50.0667 3708  [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
21:43:50.0683 3708  MozillaMaintenance - ok
21:43:50.0683 3708  mraid35x - ok
21:43:50.0698 3708  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:43:50.0745 3708  MRxDAV - ok
21:43:50.0776 3708  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:43:50.0839 3708  MRxSmb - ok
21:43:50.0854 3708  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
21:43:50.0901 3708  MSDTC - ok
21:43:50.0901 3708  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:43:50.0964 3708  Msfs - ok
21:43:50.0964 3708  MSIServer - ok
21:43:50.0979 3708  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:43:51.0042 3708  MSKSSRV - ok
21:43:51.0042 3708  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:43:51.0104 3708  MSPCLOCK - ok
21:43:51.0104 3708  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
21:43:51.0183 3708  MSPQM - ok
21:43:51.0198 3708  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:43:51.0245 3708  mssmbios - ok
21:43:51.0261 3708  [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor        C:\WINDOWS\system32\DRIVERS\ASACPI.sys
21:43:51.0292 3708  MTsensor - ok
21:43:51.0292 3708  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
21:43:51.0323 3708  Mup - ok
21:43:51.0323 3708  [ A95FED4C2FB11C79E7DDBE2EFF1919B5 ] mv61xx          C:\WINDOWS\system32\DRIVERS\mv61xx.sys
21:43:51.0339 3708  mv61xx - ok
21:43:51.0370 3708  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
21:43:51.0433 3708  napagent - ok
21:43:51.0433 3708  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
21:43:51.0495 3708  NDIS - ok
21:43:51.0526 3708  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:43:51.0526 3708  NdisTapi - ok
21:43:51.0558 3708  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:43:51.0620 3708  Ndisuio - ok
21:43:51.0620 3708  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:43:51.0683 3708  NdisWan - ok
21:43:51.0683 3708  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
21:43:51.0714 3708  NDProxy - ok
21:43:51.0714 3708  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
21:43:51.0776 3708  NetBIOS - ok
21:43:51.0808 3708  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:43:51.0854 3708  NetBT - ok
21:43:51.0870 3708  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
21:43:51.0933 3708  NetDDE - ok
21:43:51.0933 3708  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
21:43:51.0995 3708  NetDDEdsdm - ok
21:43:52.0011 3708  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:43:52.0073 3708  Netlogon - ok
21:43:52.0073 3708  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
21:43:52.0136 3708  Netman - ok
21:43:52.0136 3708  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:43:52.0198 3708  NIC1394 - ok
21:43:52.0229 3708  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll
21:43:52.0245 3708  Nla - ok
21:43:52.0245 3708  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:43:52.0308 3708  Npfs - ok
21:43:52.0323 3708  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:43:52.0401 3708  Ntfs - ok
21:43:52.0401 3708  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
21:43:52.0464 3708  NtLmSsp - ok
21:43:52.0464 3708  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
21:43:52.0542 3708  NtmsSvc - ok
21:43:52.0558 3708  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:43:52.0620 3708  Null - ok
21:43:52.0745 3708  [ 61BF339927F7A02C395F89FD8AD7CCFB ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:43:52.0917 3708  nv - ok
21:43:52.0933 3708  [ 45C2D5328DF5A613895CCBC5652D261F ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
21:43:52.0964 3708  NVSvc - ok
21:43:52.0979 3708  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:43:53.0042 3708  NwlnkFlt - ok
21:43:53.0042 3708  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:43:53.0120 3708  NwlnkFwd - ok
21:43:53.0214 3708  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
21:43:53.0229 3708  odserv - ok
21:43:53.0245 3708  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:43:53.0308 3708  ohci1394 - ok
21:43:53.0354 3708  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
21:43:53.0370 3708  ose - ok
21:43:53.0386 3708  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
21:43:53.0448 3708  Parport - ok
21:43:53.0448 3708  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
21:43:53.0511 3708  PartMgr - ok
21:43:53.0526 3708  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
21:43:53.0589 3708  ParVdm - ok
21:43:53.0604 3708  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
21:43:53.0667 3708  PCI - ok
21:43:53.0667 3708  PCIDump - ok
21:43:53.0667 3708  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
21:43:53.0729 3708  PCIIde - ok
21:43:53.0761 3708  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
21:43:53.0823 3708  Pcmcia - ok
21:43:53.0823 3708  PDCOMP - ok
21:43:53.0823 3708  PDFRAME - ok
21:43:53.0823 3708  PDRELI - ok
21:43:53.0823 3708  PDRFRAME - ok
21:43:53.0823 3708  perc2 - ok
21:43:53.0823 3708  perc2hib - ok
21:43:53.0839 3708  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
21:43:53.0854 3708  PlugPlay - ok
21:43:53.0854 3708  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
21:43:53.0917 3708  PolicyAgent - ok
21:43:53.0933 3708  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:43:53.0995 3708  PptpMiniport - ok
21:43:53.0995 3708  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:43:54.0042 3708  ProtectedStorage - ok
21:43:54.0058 3708  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
21:43:54.0104 3708  PSched - ok
21:43:54.0104 3708  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:43:54.0167 3708  Ptilink - ok
21:43:54.0167 3708  ql1080 - ok
21:43:54.0167 3708  Ql10wnt - ok
21:43:54.0167 3708  ql12160 - ok
21:43:54.0167 3708  ql1240 - ok
21:43:54.0167 3708  ql1280 - ok
21:43:54.0183 3708  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:43:54.0245 3708  RasAcd - ok
21:43:54.0261 3708  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:43:54.0323 3708  RasAuto - ok
21:43:54.0323 3708  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:43:54.0386 3708  Rasl2tp - ok
21:43:54.0401 3708  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:43:54.0464 3708  RasMan - ok
21:43:54.0464 3708  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:43:54.0526 3708  RasPppoe - ok
21:43:54.0526 3708  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
21:43:54.0589 3708  Raspti - ok
21:43:54.0604 3708  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:43:54.0667 3708  Rdbss - ok
21:43:54.0667 3708  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:43:54.0729 3708  RDPCDD - ok
21:43:54.0745 3708  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:43:54.0792 3708  rdpdr - ok
21:43:54.0823 3708  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
21:43:54.0839 3708  RDPWD - ok
21:43:54.0854 3708  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
21:43:54.0917 3708  RDSessMgr - ok
21:43:54.0933 3708  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
21:43:54.0979 3708  redbook - ok
21:43:54.0995 3708  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:43:55.0073 3708  RemoteAccess - ok
21:43:55.0089 3708  [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
21:43:55.0151 3708  RemoteRegistry - ok
21:43:55.0183 3708  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:43:55.0229 3708  RpcLocator - ok
21:43:55.0245 3708  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll
21:43:55.0276 3708  RpcSs - ok
21:43:55.0292 3708  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
21:43:55.0354 3708  RSVP - ok
21:43:55.0386 3708  [ A6886CAF9D03DADE7144171E471ECA6F ] rt2870          C:\WINDOWS\system32\DRIVERS\rt2870.sys
21:43:55.0417 3708  rt2870 - ok
21:43:55.0433 3708  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:43:55.0495 3708  SamSs - ok
21:43:55.0526 3708  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
21:43:55.0573 3708  SCardSvr - ok
21:43:55.0604 3708  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:43:55.0667 3708  Schedule - ok
21:43:55.0698 3708  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:43:55.0729 3708  Secdrv - ok
21:43:55.0729 3708  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
21:43:55.0792 3708  seclogon - ok
21:43:55.0792 3708  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
21:43:55.0854 3708  SENS - ok
21:43:55.0886 3708  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
21:43:55.0933 3708  Serial - ok
21:43:55.0948 3708  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
21:43:55.0995 3708  Sfloppy - ok
21:43:56.0026 3708  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:43:56.0120 3708  SharedAccess - ok
21:43:56.0120 3708  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:43:56.0136 3708  ShellHWDetection - ok
21:43:56.0136 3708  Simbad - ok
21:43:56.0183 3708  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe
21:43:56.0198 3708  SkypeUpdate - ok
21:43:56.0214 3708  [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1        C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
21:43:56.0276 3708  SONYPVU1 - ok
21:43:56.0276 3708  Sparrow - ok
21:43:56.0292 3708  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
21:43:56.0354 3708  splitter - ok
21:43:56.0370 3708  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
21:43:56.0386 3708  Spooler - ok
21:43:56.0401 3708  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
21:43:56.0433 3708  sr - ok
21:43:56.0448 3708  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll
21:43:56.0479 3708  srservice - ok
21:43:56.0495 3708  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:43:56.0526 3708  Srv - ok
21:43:56.0558 3708  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:43:56.0589 3708  SSDPSRV - ok
21:43:56.0604 3708  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
21:43:56.0683 3708  stisvc - ok
21:43:56.0683 3708  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
21:43:56.0745 3708  swenum - ok
21:43:56.0792 3708  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe
21:43:56.0823 3708  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
21:43:56.0823 3708  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
21:43:56.0823 3708  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
21:43:56.0901 3708  swmidi - ok
21:43:56.0901 3708  SwPrv - ok
21:43:56.0901 3708  symc810 - ok
21:43:56.0901 3708  symc8xx - ok
21:43:56.0901 3708  sym_hi - ok
21:43:56.0901 3708  sym_u3 - ok
21:43:56.0901 3708  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
21:43:56.0964 3708  sysaudio - ok
21:43:56.0979 3708  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
21:43:57.0058 3708  SysmonLog - ok
21:43:57.0089 3708  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:43:57.0198 3708  TapiSrv - ok
21:43:57.0276 3708  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:43:57.0339 3708  Tcpip - ok
21:43:57.0354 3708  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
21:43:57.0417 3708  TDPIPE - ok
21:43:57.0448 3708  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
21:43:57.0511 3708  TDTCP - ok
21:43:57.0526 3708  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
21:43:57.0589 3708  TermDD - ok
21:43:57.0604 3708  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll
21:43:57.0667 3708  TermService - ok
21:43:57.0698 3708  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
21:43:57.0698 3708  Themes - ok
21:43:57.0714 3708  [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
21:43:57.0761 3708  TlntSvr - ok
21:43:57.0761 3708  TosIde - ok
21:43:57.0761 3708  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
21:43:57.0823 3708  TrkWks - ok
21:43:57.0823 3708  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
21:43:57.0886 3708  Udfs - ok
21:43:57.0886 3708  ultra - ok
21:43:57.0917 3708  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
21:43:57.0979 3708  Update - ok
21:43:57.0995 3708  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:43:58.0042 3708  upnphost - ok
21:43:58.0058 3708  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe
21:43:58.0120 3708  UPS - ok
21:43:58.0136 3708  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:43:58.0183 3708  usbccgp - ok
21:43:58.0214 3708  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:43:58.0261 3708  usbehci - ok
21:43:58.0276 3708  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:43:58.0339 3708  usbhub - ok
21:43:58.0354 3708  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:43:58.0417 3708  usbprint - ok
21:43:58.0448 3708  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:43:58.0511 3708  usbscan - ok
21:43:58.0526 3708  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:43:58.0589 3708  usbstor - ok
21:43:58.0620 3708  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:43:58.0667 3708  usbuhci - ok
21:43:58.0683 3708  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
21:43:58.0761 3708  VgaSave - ok
21:43:58.0761 3708  ViaIde - ok
21:43:58.0776 3708  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
21:43:58.0839 3708  VolSnap - ok
21:43:58.0854 3708  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe
21:43:58.0886 3708  VSS - ok
21:43:58.0901 3708  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll
21:43:58.0964 3708  W32Time - ok
21:43:58.0979 3708  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:43:59.0042 3708  Wanarp - ok
21:43:59.0073 3708  [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
21:43:59.0089 3708  Wdf01000 - ok
21:43:59.0089 3708  WDICA - ok
21:43:59.0104 3708  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
21:43:59.0151 3708  wdmaud - ok
21:43:59.0167 3708  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:43:59.0229 3708  WebClient - ok
21:43:59.0276 3708  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:43:59.0323 3708  winmgmt - ok
21:43:59.0339 3708  [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
21:43:59.0401 3708  WmdmPmSN - ok
21:43:59.0417 3708  [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi             C:\WINDOWS\System32\advapi32.dll
21:43:59.0448 3708  Wmi - ok
21:43:59.0464 3708  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:43:59.0526 3708  WmiApSrv - ok
21:43:59.0542 3708  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
21:43:59.0620 3708  wscsvc - ok
21:43:59.0651 3708  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
21:43:59.0698 3708  wuauserv - ok
21:43:59.0729 3708  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
21:43:59.0808 3708  WZCSVC - ok
21:43:59.0823 3708  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
21:43:59.0886 3708  xmlprov - ok
21:43:59.0886 3708  ================ Scan global ===============================
21:43:59.0917 3708  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
21:43:59.0948 3708  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:43:59.0948 3708  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:43:59.0948 3708  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
21:43:59.0948 3708  [Global] - ok
21:43:59.0948 3708  ================ Scan MBR ==================================
21:43:59.0964 3708  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
21:44:00.0198 3708  \Device\Harddisk0\DR0 - ok
21:44:00.0198 3708  ================ Scan VBR ==================================
21:44:00.0198 3708  [ 47E0CC1A6D04BE10421153B192D7E057 ] \Device\Harddisk0\DR0\Partition1
21:44:00.0198 3708  \Device\Harddisk0\DR0\Partition1 - ok
21:44:00.0229 3708  [ 8ED8C729A597F6455D2442F8E4817A9D ] \Device\Harddisk0\DR0\Partition2
21:44:00.0229 3708  \Device\Harddisk0\DR0\Partition2 - ok
21:44:00.0229 3708  ============================================================
21:44:00.0229 3708  Scan finished
21:44:00.0229 3708  ============================================================
21:44:00.0339 2492  Detected object count: 5
21:44:00.0339 2492  Actual detected object count: 5
21:44:57.0479 2492  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
21:44:57.0479 2492  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
21:44:57.0479 2492  ANIO ( UnsignedFile.Multi.Generic ) - skipped by user
21:44:57.0479 2492  ANIO ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:44:57.0479 2492  ANIWConnService ( UnsignedFile.Multi.Generic ) - skipped by user
21:44:57.0479 2492  ANIWConnService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:44:57.0479 2492  ANIWZCSdService ( UnsignedFile.Multi.Generic ) - skipped by user
21:44:57.0479 2492  ANIWZCSdService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:44:57.0479 2492  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
21:44:57.0479 2492  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Vielen Dank und guten Wochenstart,
conbi

Alt 28.01.2013, 11:00   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Bitte aswMBR nochmal richtig machen, irgendwas lief da schief
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 28.01.2013, 21:06   #11
conbi
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Hi Cosinus,

Hab aswMBR nochmal runtergeladen und neu gemacht. Hier der Scan. Hoffe, der ist brauchbar!

Danke und Gruß

aswMBR:
Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-28 21:56:31
-----------------------------
21:56:31.156    OS Version: Windows 5.1.2600 Service Pack 3
21:56:31.156    Number of processors: 2 586 0x170A
21:56:31.156    ComputerName: DIGITEC-***  UserName: 
21:58:50.359    Initialize success
21:59:00.375    AVAST engine defs: 13012700
21:59:35.812    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:59:35.812    Disk 0 Vendor: SAMSUNG_HD502IJ 1AA01113 Size: 476940MB BusType: 3
21:59:35.828    Disk 0 MBR read successfully
21:59:35.828    Disk 0 MBR scan
21:59:35.828    Disk 0 Windows XP default MBR code
21:59:35.828    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        80003 MB offset 63
21:59:35.828    Disk 0 Partition - 00     0F Extended LBA            396926 MB offset 163846935
21:59:35.843    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       396926 MB offset 163846998
21:59:35.843    Disk 0 scanning sectors +976752000
21:59:35.890    Disk 0 scanning C:\WINDOWS\system32\drivers
21:59:39.484    Service scanning
21:59:43.140    Service KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys **LOCKED** 5
21:59:43.156    Service klbg C:\WINDOWS\system32\drivers\klbg.sys **LOCKED** 5
21:59:43.234    Service klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys **LOCKED** 5
21:59:43.281    Service klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys **LOCKED** 5
21:59:43.281    Service klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys **LOCKED** 5
21:59:43.296    Service kltdi C:\WINDOWS\system32\DRIVERS\kltdi.sys **LOCKED** 5
21:59:43.359    Service kneps C:\WINDOWS\system32\DRIVERS\kneps.sys **LOCKED** 5
21:59:47.953    Modules scanning
21:59:50.625    Disk 0 trace - called modules:
21:59:50.640    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 
21:59:50.656    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad64ab8]
21:59:50.656    3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\00000071[0x8adccf18]
21:59:50.656    5 ACPI.sys[b9f7e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8ad71940]
21:59:50.656    Scan finished successfully
22:00:37.968    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\***\Desktop\MBR.dat"
22:00:37.968    The log file has been saved successfully to "C:\Dokumente und Einstellungen\***\Desktop\aswMBR_original_mitName_2.txt"
         

Alt 29.01.2013, 11:18   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Mir fällt gerade auf, dass du das GMER-Log immer noch nicht gepostet hast...
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.01.2013, 04:49   #13
conbi
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Hi Cosinus,

Wie bescheuert von mir.... Danke für den Hinweis!

Code:
ATTFilter
GMER 2.0.18444 - hxxp://www.gmer.net
Rootkit scan 2013-01-25 17:53:53
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HD502IJ rev.1AA01113 465.76GB
Running: gmer-2.0.18444.exe; Driver: C:\DOKUME~1\***~1\LOKALE~1\Temp\uwtdypow.sys


---- System - GMER 2.0 ----

SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwAdjustPrivilegesToken [0xB5BE555C]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwClose [0xB5B81A82]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwConnectPort [0xB5B98962]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwCreateEvent [0xB5B81FFA]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwCreateMutant [0xB5B81EE0]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwCreatePort [0xB5B98C88]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwCreateProcess [0xB5BE74D6]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwCreateProcessEx [0xB5BE76F2]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwCreateSection [0xB5BE85B2]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwCreateSemaphore [0xB5B8211A]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwCreateThread [0xB5BE7BB6]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwCreateWaitablePort [0xB5B98D56]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwDebugActiveProcess [0xB5BE737C]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwDeleteKey [0xB5B929E2]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwDeleteValueKey [0xB5B941CA]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwDeviceIoControlFile [0xB5B81AC6]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwDuplicateObject [0xB5BE569E]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwEnumerateKey [0xB5B939D6]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwEnumerateValueKey [0xB5B9436A]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwLoadDriver [0xB5BE5306]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwLoadKey [0xB5B9351A]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwLoadKey2 [0xB5B93772]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwMapViewOfSection [0xB5BE83AC]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwNotifyChangeKey [0xB5B97126]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwOpenEvent [0xB5B82090]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwOpenMutant [0xB5B81F70]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwOpenProcess [0xB5BE6F24]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwOpenSection [0xB5BE885E]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwOpenSemaphore [0xB5B821B0]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwOpenThread [0xB5BE7912]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwQueryKey [0xB5B92816]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwQueryMultipleValueKey [0xB5B93FD8]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwQueryObject [0xB5B97332]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwQueryValueKey [0xB5B93DCC]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwQueueApcThread [0xB5BE8260]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwRenameKey [0xB5B92AF6]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwReplaceKey [0xB5B93168]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwReplyPort [0xB5B98F96]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwReplyWaitReceivePort [0xB5B98E24]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwReplyWaitReceivePortEx [0xB5B98EDA]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwRequestWaitReplyPort [0xB5B99006]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwRestoreKey [0xB5B9336E]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwResumeThread [0xB5BE7F8C]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwSaveKey [0xB5B92C9A]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwSaveKeyEx [0xB5B92E30]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwSaveMergedKeys [0xB5B92FCC]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwSecureConnectPort [0xB5B98AF0]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwSetContextThread [0xB5BE80E8]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwSetInformationToken [0xB5B8223A]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwSetSystemInformation [0xB5BE5410]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwSetValueKey [0xB5B93B96]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwSuspendProcess [0xB5BE70C4]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwSuspendThread [0xB5BE7E34]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwSystemDebugControl [0xB5B8224C]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwTerminateProcess [0xB5BE7224]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwTerminateThread [0xB5BE7AB2]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwUnmapViewOfSection [0xB5BE89C6]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                                    ZwWriteVirtualMemory [0xB5BE86F0]

---- Kernel code sections - GMER 2.0 ----

.text  ntkrnlpa.exe!ZwCallbackReturn + 2C94                                                                                                                     8050458C 12 Bytes  [88, 8C, B9, B5, D6, 74, BE, ...]
.text  ntkrnlpa.exe!ZwCallbackReturn + 2D65                                                                                                                     8050465D 7 Bytes  [35, B9, B5, 72, 37, B9, B5]
.text  ntkrnlpa.exe!ZwCallbackReturn + 2E5D                                                                                                                     80504755 7 Bytes  [28, B9, B5, D8, 3F, B9, B5]
.text  ntkrnlpa.exe!ZwCallbackReturn + 2EDC                                                                                                                     805047D4 20 Bytes  [F6, 2A, B9, B5, 68, 31, B9, ...]
.text  ntkrnlpa.exe!ZwCallbackReturn + 2F14                                                                                                                     8050480C 20 Bytes  [8C, 7F, BE, B5, 9A, 2C, B9, ...]
.text  ...                                                                                                                                                      
.text  C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                                                                 section is writeable [0xB8A2E360, 0x34CDBF, 0xE8000020]
init   C:\WINDOWS\system32\DRIVERS\aksifdh.sys                                                                                                                  entry point in "init" section [0xBA261090]

---- User code sections - GMER 2.0 ----

?      C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] C:\WINDOWS\system32\ntdll.dll                                                   time/date stamp mismatch; 
.text  C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] ntdll.dll!NtProtectVirtualMemory                                                7C91D6EE 5 Bytes  JMP 6CD01A54 C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ushata.dll (Ushata module/Kaspersky Lab ZAO)
?      C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] C:\WINDOWS\system32\kernel32.dll                                                time/date stamp mismatch; 
.text  C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] USER32.dll!AlignRects                                                           7E362A78 4 Bytes  [53, 2A, D0, 6C] {PUSH EBX; SUB DL, AL; INS BYTE [ES:EDI], DX}
?      C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] C:\WINDOWS\system32\ntdll.dll                                                  time/date stamp mismatch; 
.text  C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] ntdll.dll!NtProtectVirtualMemory                                               7C91D6EE 5 Bytes  JMP 6CD01A54 C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ushata.dll (Ushata module/Kaspersky Lab ZAO)
?      C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] C:\WINDOWS\system32\kernel32.dll                                               time/date stamp mismatch; 
.text  C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] USER32.dll!AlignRects                                                          7E362A78 4 Bytes  [53, 2A, D0, 6C] {PUSH EBX; SUB DL, AL; INS BYTE [ES:EDI], DX}

---- User IAT/EAT - GMER 2.0 ----

IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap]                  7DFF0520
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap]                      7DFF058C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap]                      7DFF05F8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap]                7DFF0664
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtTerminateProcess]               7DFF0E68
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode]                  7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread]                  7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW]              7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA]              7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary]                   7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtTerminateProcess]               7DFF0B74
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap]                      7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap]                  7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap]                7DFF0304
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]                  7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary]                     7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread]                    7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW]                7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap]                        7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap]                    7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW]               7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress]                 7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary]                    7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap]                       7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap]                   7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode]                    7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]                  7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary]                     7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA]                7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy]                     7DFF04B4
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate]                      7DFF0448
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread]                    7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary]                   7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress]                7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread]                  7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap]                  7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap]                      7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW]                7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread]                    7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA]                7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                  7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary]                     7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap]                    7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap]                        7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]      7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary]                      7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                   7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap]                     7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap]                         7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate]                      7DFF0448
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy]                     7DFF04B4
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress]                  7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread]                    7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary]                     7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary]                    7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA]               7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread]                   7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress]                 7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode]                   7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA]               7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW]               7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary]                    7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                   7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy]                    7DFF04B4
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate]                     7DFF0448
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                 7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary]                    7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]                 7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread]                   7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA]               7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA]               7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate]                     7DFF0448
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy]                    7DFF04B4
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW]               7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode]                   7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                 7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread]                   7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary]                    7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap]                       7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress]                   7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW]                 7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary]                      7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread]                     7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]      7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap]                         7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode]                   7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread]                   7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress]                 7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary]                    7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap]                       7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateThread]                   7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetErrorMode]                   7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleA]               7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleW]               7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress]                 7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[336] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary]                    7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap]                 7DFF0520
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap]                     7DFF058C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap]                     7DFF05F8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap]               7DFF0664
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtTerminateProcess]              7DFF0E68
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode]                 7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread]                 7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW]             7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]  7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA]             7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary]                  7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]               7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtTerminateProcess]              7DFF0B74
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap]                     7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap]                 7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap]               7DFF0304
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]                 7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary]                    7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread]                   7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW]               7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap]                       7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap]                   7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW]              7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress]                7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary]                   7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap]                      7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap]                  7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode]                   7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]                 7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary]                    7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA]               7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy]                    7DFF04B4
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate]                     7DFF0448
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread]                   7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]  7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary]                  7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress]               7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread]                 7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap]                 7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap]                     7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW]               7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread]                   7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA]               7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                 7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary]                    7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap]                   7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap]                       7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary]                     7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                  7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap]                    7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap]                        7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate]                     7DFF0448
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy]                    7DFF04B4
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress]                 7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread]                   7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary]                    7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary]                   7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA]              7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread]                  7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress]                7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode]                  7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA]              7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW]              7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary]                   7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                  7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy]                   7DFF04B4
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate]                    7DFF0448
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary]                   7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]                7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread]                  7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA]              7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA]              7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate]                    7DFF0448
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy]                   7DFF04B4
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW]              7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode]                  7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread]                  7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary]                   7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap]                      7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress]                  7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW]                7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary]                     7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread]                    7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap]                        7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode]                  7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread]                  7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress]                7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary]                   7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap]                      7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter]  7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!FreeLibrary]                  7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!HeapCreate]                   7DFF0448
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!HeapDestroy]                  7DFF04B4
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress]               7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\IPHLPAPI.DLL [ntdll.dll!RtlFreeHeap]                     7DFF0298
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\IPHLPAPI.DLL [ntdll.dll!RtlAllocateHeap]                 7DFF022C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary]                     7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress]                  7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter]     7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!CreateThread]                  7DFF03DC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!SetErrorMode]                  7DFF0D90
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetModuleHandleA]              7DFF0C4C
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetModuleHandleW]              7DFF0CB8
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7DFF0DFC
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress]                7DFF0D24
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!FreeLibrary]                   7DFF0BE0
IAT    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[1968] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7DFF0DFC

---- EOF - GMER 2.0 ----
         

Alt 31.01.2013, 10:29   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Malwarebytes Anti-Rootkit

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Entpacke das Archiv auf deinem Desktop.
  • Im neu erstellten Ordner starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 01.02.2013, 23:09   #15
conbi
 
HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Standard

HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt



Hi Cosinus,

Bin wieder mal nicht sicher, ob alles richtig gelaufen ist...
Konnte nach dem Start der mbar.exe nur auf "Scan" drücken, nicht auf CleanUp (war ausgegraut). Nach dem Scan hiess es, "no malware found - no cleanup necessary" und CleanUp war nicht möglich...

mbar-log:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org

Database version: v2013.02.01.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
*** :: DIGITEC-*** [administrator]

02.02.2013 00:01:11
mbar-log-2013-02-02 (00-01-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 27410
Time elapsed: 11 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         

Antwort

Themen zu HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt
akamai, bho, ebanking, firefox, flash player, google, heur, heur:exploit.java.cve-2012-0507.gen, heur:exploit.java.generic, hijack, hijackthis, hkus\s-1-5-18, hängen, internet, internet explorer, internet security 2013, kaspersky, kaspersky internet security 2013, logfile, mozilla, security, senden, server, software, system, tastatur, trojaner, usb, windows, windows internet, windows xp



Ähnliche Themen: HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt


  1. Kaspersky - HEUR:Exploit.Java.CVE-2012-1723.gen
    Log-Analyse und Auswertung - 21.09.2013 (3)
  2. Kaspersky findet 2 trojanische Programme (Windows 7): HEUR:Exploit.Java.CVE-2012-1723.gen und Exploit.Java.CVE-2012-1723.nh
    Plagegeister aller Art und deren Bekämpfung - 18.09.2013 (14)
  3. Kaspersky erkennt HEUR:Exploit.Java.CVE-2012-0507/1723.gen
    Plagegeister aller Art und deren Bekämpfung - 06.05.2013 (3)
  4. Trojaner: HEUR:Exploit.Java.CVE-2012-0507.gen
    Plagegeister aller Art und deren Bekämpfung - 30.04.2013 (37)
  5. HEUR:Exploit.Java.CVE-2012-0507.GEN weg oder nicht?
    Plagegeister aller Art und deren Bekämpfung - 28.04.2013 (17)
  6. Kaspersky findet Exploit.Java.CVE-2012-0507
    Log-Analyse und Auswertung - 23.04.2013 (1)
  7. HEUR:Exploit.Java.CVE-2012-0507.gen
    Log-Analyse und Auswertung - 03.04.2013 (13)
  8. HEUR:Exploit.Java.CVE-2012-0507.gen und wetere Probleme
    Log-Analyse und Auswertung - 01.04.2013 (4)
  9. HEUR:Exploit.Java.CVE-2012-0507.gen
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (40)
  10. HEUR:Exploit.Java.CVE-2012-0507.gen (von Kaspersky gefunden)
    Plagegeister aller Art und deren Bekämpfung - 23.02.2013 (11)
  11. Virusbefall durch Exploit.Java.CVE-2012-0507.gen
    Plagegeister aller Art und deren Bekämpfung - 28.01.2013 (23)
  12. Trojaner HEUR:Exploit.Java.CVE-2012-0507.gen und HEUR:Exploit.Java.Generic
    Log-Analyse und Auswertung - 26.01.2013 (24)
  13. HEUR:Exploit.Java.CVE-2012-0507.gen
    Plagegeister aller Art und deren Bekämpfung - 22.01.2013 (3)
  14. Befall durch HEUR:Exploit.Java.CVE-2012-0507.gen
    Plagegeister aller Art und deren Bekämpfung - 18.01.2013 (25)
  15. HEUR:Exploit.Java.CVE-2012-4681.gen" sowie mehrfach Exploit.Java.CVE-2012-0507.ou mit kaspersky gefunden in C:Dokumente und Einstellungen ge
    Plagegeister aller Art und deren Bekämpfung - 21.11.2012 (11)
  16. Desinfec't 2012/Kaspersky findet Exploit.Java.CVE-2011-3544.** und Exploit.Java.CVE-2012-0507.**
    Plagegeister aller Art und deren Bekämpfung - 22.06.2012 (21)
  17. Desinfec't 2012/Kaspersky findet Exploit.Java.CVE-2011-3544.** und Exploit.Java.CVE-2012-0507.**
    Mülltonne - 11.06.2012 (0)

Zum Thema HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt - Hallo Trojaner Board Bei mir hat Kaspersky Internet Security heute o.g. Trojaner gefunden, kann den aber nicht reparieren. Im detaillierten Bericht wird auf die Datei unter dem Pfad C:\dokumente und - HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt...
Archiv
Du betrachtest: HEUR:Exploit.Java.CVE-2012-0507.gen durch Kaspersky IS entdeckt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.